Timestamp:
01/06/2009 10:00:05 PM (9 years ago)
Author:
ryan
Message:

Add get_editable_roles() and role filtering. Props jeremyclarke. fixes #8770

File:
1 edited

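--- a/trunk/wp-admin/includes/user.php
+++ b/trunk/wp-admin/includes/user.php
@@ -10,7 +10,10 @@
  * Creates a new user from the "Users" form using $_POST information.
  *
- * {@internal Missing Long Description}}
- *
- * @since unknown
+ * It seems that the first half is for backwards compatibility, but only
+ * has the ability to alter the user's role. Wordpress core seems to
+ * use this function only in the second way, running edit_user() with
+ * no id so as to create a new user.
+ *
+ * @since 2.0
  *
  * @param int $user_id Optional. User ID.
@@ -23,5 +26,11 @@
 
         if ( isset( $_POST['role'] ) ) {
+            // Don't let anyone with 'edit_users' (admins) edit their own role to something without it.
             if( $user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap( 'edit_users' ) ) {
+                // If the new role isn't editable by the logged-in user die with error
+                $editable_roles = get_editable_roles();
+                if (!$editable_roles[$_POST['role']])
+                    wp_die(__('You can’t give users that role.'));
+               
                 $user = new WP_User( $user_id );
                 $user->set_role( $_POST['role'] );
@@ -35,12 +44,12 @@
 
 /**
- * {@internal Missing Short Description}}
- *
- * {@internal Missing Long Description}}
- *
- * @since unknown
+ * Edit user settings based on contents of $_POST
+ *
+ * Used on user-edit.php and profile.php to manage and process user options, passwords etc.
+ *
+ * @since 2.0
  *
  * @param int $user_id Optional. User ID.
- * @return unknown
+ * @return int user id of the updated user
  */
 function edit_user( $user_id = 0 ) {
@@ -66,6 +75,13 @@
 
     if ( isset( $_POST['role'] ) && current_user_can( 'edit_users' ) ) {
+
+        // Don't let anyone with 'edit_users' (admins) edit their own role to something without it.
         if( $user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap( 'edit_users' ))
-            $user->role = $_POST['role'];
+            $user->role = $_POST['role'];
+
+        // If the new role isn't editable by the logged-in user die with error
+        $editable_roles = get_editable_roles();
+        if (!$editable_roles[$_POST['role']])
+            wp_die(__('You can’t give users that role.'));
     }
 
@@ -243,4 +259,29 @@
 
 /**
+ * Fetch a filtered list of user roles that the current user is
+ * allowed to edit.
+ *
+ * Simple function who's main purpose is to allow filtering of the
+ * list of roles in the $wp_roles object so that plugins can remove
+ * innappropriate ones depending on the situation or user making edits.
+ * Specifically because without filtering anyone with the edit_users
+ * capability can edit others to be administrators, even if they are
+ * only editors or authors. This filter allows admins to delegate
+ * user management.
+ *
+ * @since 2.8
+ *
+ * @return unknown
+ */
+function get_editable_roles() {
+    global $wp_roles;
+
+    $all_roles = $wp_roles->roles;
+    $editable_roles = apply_filters('editable_roles', $all_roles); 
+   
+    return $editable_roles;
+}
+
+/**
  * {@internal Missing Short Description}}
  *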
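Review bot: In edit_user the editable-roles check added at new lines 82–85 runs only after `$user->role = $_POST['role'];` on line 80 has already been assigned, so the guard holds only because wp_die() ends the request; moving the `get_editable_roles()` lookup and its wp_die() above the self-edit `if` would validate before assigning and match the order used in add_user's hunk. The test should be key presence rather than truthiness, `if ( ! isset( $editable_roles[ $_POST['role'] ] ) )`, which also avoids an undefined-index notice when the submitted role name is not in the list. In the last hunk get_editable_roles() is documented as `@return unknown`; `@return array Roles from $wp_roles->roles, keyed by role name, after the 'editable_roles' filter` states what the body actually returns. edit_user's body continues beyond the hunk.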